Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Apache Struts2 Remote Command Execution (S2-053) CVE-2017-12611 CWE-94 CWE-94 Critical Apache Struts Path traversal (S2-067/CVE-2024-53677, S2-066/CVE-2023-50164) CVE-2024-53677 CVE-2023-50164 CWE-434 CWE-434 Critical Apache Struts Remote Code Execution (S2-057) CVE-2018-11776 CWE-917 CWE-917 High Apache Tapestry Unauthenticated RCE (CVE-2019-0195, CVE-2021-27850) CVE-2021-27850 CWE-200 CWE-200 High Apache Tapestry weak secret key CWE-693 CWE-693 High Apache Tika XXE via PDF XFA Content (CVE-2025-66516) CVE-2025-66516 CWE-611 CWE-611 Critical Apache Tomcat 7PK - Errors Vulnerability (CVE-2016-8745) CVE-2016-8745 High Apache Tomcat 7PK - Security Features Vulnerability (CVE-2002-0493) CVE-2002-0493 High Apache Tomcat 7PK - Security Features Vulnerability (CVE-2014-9634) CVE-2014-9634 Medium Apache Tomcat 7PK - Security Features Vulnerability (CVE-2014-9635) CVE-2014-9635 Medium Apache Tomcat Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-38286) CVE-2024-38286 CWE-770 CWE-770 High Apache Tomcat Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-48988) CVE-2025-48988 CWE-770 CWE-770 High Apache Tomcat Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-41284) CVE-2026-41284 CWE-770 CWE-770 High Apache Tomcat Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2025-49125) CVE-2025-49125 CWE-288 CWE-288 High Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2018-8037) CVE-2018-8037 CWE-362 CWE-362 Medium Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2021-43980) CVE-2021-43980 CWE-362 CWE-362 Low Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2025-52434) CVE-2025-52434 CWE-362 CWE-362 High Apache Tomcat Configuration Vulnerability (CVE-2008-0128) CVE-2008-0128 Medium Apache Tomcat Configuration Vulnerability (CVE-2010-4312) CVE-2010-4312 Medium Apache Tomcat Credentials Management Errors Vulnerability (CVE-2009-3548) CVE-2009-3548 High Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-4724) CVE-2007-4724 CWE-352 CWE-352 Medium Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-6357) CVE-2013-6357 CWE-352 CWE-352 Medium Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5351) CVE-2015-5351 CWE-352 CWE-352 High Apache Tomcat Cryptographic Issues Vulnerability (CVE-2011-5064) CVE-2011-5064 Medium Apache Tomcat CVE-2012-5568 Vulnerability (CVE-2012-5568) CVE-2012-5568 Medium Apache Tomcat CVE-2016-6794 Vulnerability (CVE-2016-6794) CVE-2016-6794 Medium Apache Tomcat CVE-2016-8735 Vulnerability (CVE-2016-8735) CVE-2016-8735 Critical Apache Tomcat CVE-2017-5651 Vulnerability (CVE-2017-5651) CVE-2017-5651 Critical Apache Tomcat CVE-2018-1304 Vulnerability (CVE-2018-1304) CVE-2018-1304 Medium Apache Tomcat CVE-2018-1305 Vulnerability (CVE-2018-1305) CVE-2018-1305 Medium Apache Tomcat CVE-2019-2684 Vulnerability (CVE-2019-2684) CVE-2019-2684 Medium Apache Tomcat CVE-2020-0822 Vulnerability (CVE-2020-0822) CVE-2020-0822 High Apache Tomcat CVE-2020-13943 Vulnerability (CVE-2020-13943) CVE-2020-13943 Medium Apache Tomcat CVE-2022-29885 Vulnerability (CVE-2022-29885) CVE-2022-29885 High Apache Tomcat CVE-2023-34981 Vulnerability (CVE-2023-34981) CVE-2023-34981 High Apache Tomcat CVE-2023-44487 Vulnerability (CVE-2023-44487) CVE-2023-44487 High Apache Tomcat CVE-2024-24549 Vulnerability (CVE-2024-24549) CVE-2024-24549 High Apache Tomcat CVE-2026-24733 Vulnerability (CVE-2026-24733) CVE-2026-24733 Low Apache Tomcat CVE-2026-24734 Vulnerability (CVE-2026-24734) CVE-2026-24734 High Apache Tomcat Data Processing Errors Vulnerability (CVE-2014-0227) CVE-2014-0227 Medium Apache Tomcat DEPRECATED: Authentication Bypass Issues Vulnerability (CVE-2026-43512) CVE-2026-43512 CWE-592 CWE-592 Critical Apache Tomcat Deserialization of Untrusted Data Vulnerability (CVE-2020-9484) CVE-2020-9484 CWE-502 CWE-502 High Apache Tomcat Deserialization of Untrusted Data Vulnerability (CVE-2021-25329) CVE-2021-25329 CWE-502 CWE-502 High Apache Tomcat examples directory vulnerabilities Medium Apache Tomcat Exposure of Resource to Wrong Sphere Vulnerability (CVE-2017-5648) CVE-2017-5648 CWE-668 CWE-668 Critical Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2005-3164) CVE-2005-3164 CWE-200 CWE-200 Low Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2005-4836) CVE-2005-4836 CWE-200 CWE-200 High Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-3382) CVE-2007-3382 CWE-200 CWE-200 Medium Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-3385) CVE-2007-3385 CWE-200 CWE-200 Medium Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-5333) CVE-2007-5333 CWE-200 CWE-200 Medium Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-4308) CVE-2008-4308 CWE-200 CWE-200 Low Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-5519) CVE-2008-5519 CWE-200 CWE-200 Low Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-0580) CVE-2009-0580 CWE-200 CWE-200 Medium Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-0783) CVE-2009-0783 CWE-200 CWE-200 Medium Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1157) CVE-2010-1157 CWE-200 CWE-200 Low Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-2204) CVE-2011-2204 CWE-200 CWE-200 Low Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3375) CVE-2011-3375 CWE-200 CWE-200 Medium Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-2071) CVE-2013-2071 CWE-200 CWE-200 Low Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4590) CVE-2013-4590 CWE-200 CWE-200 Medium Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0706) CVE-2016-0706 CWE-200 CWE-200 Medium Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-8747) CVE-2016-8747 CWE-200 CWE-200 High Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-5647) CVE-2017-5647 CWE-200 CWE-200 High Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-12616) CVE-2017-12616 CWE-200 CWE-200 High Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-17527) CVE-2020-17527 CWE-200 CWE-200 High Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-25122) CVE-2021-25122 CWE-200 CWE-200 High Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2026-42498) CVE-2026-42498 CWE-200 CWE-200 High Apache Tomcat Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2024-21733) CVE-2024-21733 CWE-209 CWE-209 Medium Apache Tomcat Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2026-29146) CVE-2026-29146 CWE-209 CWE-209 High Apache Tomcat hello.jsp XSS CVE-2007-1355 CWE-79 CWE-79 Low Apache Tomcat Improper Access Control Vulnerability (CVE-2014-7810) CVE-2014-7810 CWE-284 CWE-284 Medium Apache Tomcat Improper Access Control Vulnerability (CVE-2016-5388) CVE-2016-5388 CWE-284 CWE-284 High Apache Tomcat Improper Authentication Vulnerability (CVE-2011-5063) CVE-2011-5063 CWE-287 CWE-287 Medium Apache Tomcat Improper Authentication Vulnerability (CVE-2012-5886) CVE-2012-5886 CWE-287 CWE-287 Medium Apache Tomcat Improper Authentication Vulnerability (CVE-2012-5887) CVE-2012-5887 CWE-287 CWE-287 Medium Apache Tomcat Improper Authentication Vulnerability (CVE-2013-2067) CVE-2013-2067 CWE-287 CWE-287 Medium 1...6789...327 7 / 327
